summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/rsa/Makefile.ssl224
-rw-r--r--src/lib/libcrypto/rsa/rsa.h150
-rw-r--r--src/lib/libcrypto/rsa/rsa_asn1.c121
-rw-r--r--src/lib/libcrypto/rsa/rsa_chk.c2
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c114
-rw-r--r--src/lib/libcrypto/rsa/rsa_err.c5
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c175
-rw-r--r--src/lib/libcrypto/rsa/rsa_none.c8
-rw-r--r--src/lib/libcrypto/rsa/rsa_null.c23
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep.c300
-rw-r--r--src/lib/libcrypto/rsa/rsa_pk1.c12
-rw-r--r--src/lib/libcrypto/rsa/rsa_saos.c14
-rw-r--r--src/lib/libcrypto/rsa/rsa_sign.c30
-rw-r--r--src/lib/libcrypto/rsa/rsa_ssl.c10
-rw-r--r--src/lib/libcrypto/rsa/rsa_test.c14
15 files changed, 693 insertions, 509 deletions
diff --git a/src/lib/libcrypto/rsa/Makefile.ssl b/src/lib/libcrypto/rsa/Makefile.ssl
index 2bee181d4e..8a9f7cbe0c 100644
--- a/src/lib/libcrypto/rsa/Makefile.ssl
+++ b/src/lib/libcrypto/rsa/Makefile.ssl
@@ -5,13 +5,14 @@
5DIR= rsa 5DIR= rsa
6TOP= ../.. 6TOP= ../..
7CC= cc 7CC= cc
8INCLUDES= -I.. -I../../include 8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g 9CFLAG=-g
10INSTALL_PREFIX= 10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl 11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl 12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl 13MAKE= make -f Makefile.ssl
14MAKEDEPEND= $(TOP)/util/domd $(TOP) 14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile.ssl 16MAKEFILE= Makefile.ssl
16AR= ar r 17AR= ar r
17 18
@@ -23,9 +24,11 @@ APPS=
23 24
24LIB=$(TOP)/libcrypto.a 25LIB=$(TOP)/libcrypto.a
25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ 26LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c 27 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
28 rsa_asn1.c
27LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ 29LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
28 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o 30 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
31 rsa_asn1.o
29 32
30SRC= $(LIBSRC) 33SRC= $(LIBSRC)
31 34
@@ -41,8 +44,7 @@ all: lib
41 44
42lib: $(LIBOBJ) 45lib: $(LIBOBJ)
43 $(AR) $(LIB) $(LIBOBJ) 46 $(AR) $(LIB) $(LIBOBJ)
44 @echo You may get an error following this line. Please ignore. 47 $(RANLIB) $(LIB) || echo Never mind.
45 - $(RANLIB) $(LIB)
46 @touch lib 48 @touch lib
47 49
48files: 50files:
@@ -81,141 +83,137 @@ clean:
81 83
82# DO NOT DELETE THIS LINE -- make depend depends on it. 84# DO NOT DELETE THIS LINE -- make depend depends on it.
83 85
84rsa_chk.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 86rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
85rsa_chk.o: ../../include/openssl/crypto.h ../../include/openssl/err.h 87rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
88rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
89rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
90rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
91rsa_asn1.o: ../../include/openssl/opensslconf.h
92rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
93rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
94rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
95rsa_asn1.o: ../cryptlib.h rsa_asn1.c
96rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
97rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
98rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
86rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 99rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
87rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h 100rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
88rsa_chk.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 101rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
89rsa_chk.o: ../../include/openssl/symhacks.h 102rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
90rsa_eay.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 103rsa_chk.o: rsa_chk.c
91rsa_eay.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 104rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
92rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 105rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
93rsa_eay.o: ../../include/openssl/crypto.h ../../include/openssl/des.h 106rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
94rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h 107rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
95rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 108rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
96rsa_eay.o: ../../include/openssl/engine.h ../../include/openssl/err.h 109rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
97rsa_eay.o: ../../include/openssl/evp.h ../../include/openssl/idea.h 110rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
98rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h 111rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
99rsa_eay.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
100rsa_eay.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
101rsa_eay.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
102rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
103rsa_eay.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
104rsa_eay.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
105rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 112rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
106rsa_eay.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 113rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
107rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h 114rsa_eay.o: ../../include/openssl/ui.h ../cryptlib.h rsa_eay.c
108rsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 115rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
109rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/err.h 116rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
117rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
110rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 118rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
111rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h 119rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
112rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 120rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
113rsa_err.o: ../../include/openssl/symhacks.h 121rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
122rsa_err.o: rsa_err.c
123rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
114rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 124rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
115rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 125rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
116rsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 126rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
117rsa_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 127rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
118rsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 128rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
119rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 129rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
120rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 130rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
121rsa_gen.o: ../cryptlib.h 131rsa_gen.o: ../cryptlib.h rsa_gen.c
122rsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 132rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
123rsa_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 133rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
124rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 134rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
125rsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
126rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h 135rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
127rsa_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 136rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
128rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h 137rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
129rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h 138rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
130rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h 139rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
131rsa_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
132rsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
133rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
134rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
135rsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
136rsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
137rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 140rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
138rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 141rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
139rsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h 142rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c
143rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
140rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 144rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
141rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 145rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
142rsa_none.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 146rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
143rsa_none.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 147rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
144rsa_none.o: ../../include/openssl/opensslconf.h 148rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
145rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 149rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
146rsa_none.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 150rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
147rsa_none.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 151rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
148rsa_none.o: ../cryptlib.h 152rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
149rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 153rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
150rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 154rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
151rsa_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 155rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
152rsa_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 156rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
153rsa_null.o: ../../include/openssl/opensslconf.h 157rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
154rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 158rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
155rsa_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 159rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
156rsa_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 160rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
157rsa_null.o: ../cryptlib.h 161rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
158rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 162rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
159rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 163rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
160rsa_oaep.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 164rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
161rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 165rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
166rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
162rsa_oaep.o: ../../include/openssl/opensslconf.h 167rsa_oaep.o: ../../include/openssl/opensslconf.h
163rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 168rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
164rsa_oaep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 169rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
165rsa_oaep.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 170rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
166rsa_oaep.o: ../../include/openssl/symhacks.h ../cryptlib.h 171rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
172rsa_oaep.o: ../cryptlib.h rsa_oaep.c
173rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
167rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 174rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
168rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 175rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
169rsa_pk1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 176rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
170rsa_pk1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 177rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
171rsa_pk1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 178rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
172rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 179rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
173rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 180rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
174rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h 181rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
175rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 182rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
176rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 183rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
177rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 184rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
178rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
179rsa_saos.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h 185rsa_saos.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
180rsa_saos.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 186rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
181rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h 187rsa_saos.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
182rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
183rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
184rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
185rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h 188rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
186rsa_saos.o: ../../include/openssl/opensslconf.h 189rsa_saos.o: ../../include/openssl/opensslconf.h
187rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h 190rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
188rsa_saos.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h 191rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
189rsa_saos.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h 192rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
190rsa_saos.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 193rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
191rsa_saos.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 194rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
192rsa_saos.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h 195rsa_saos.o: ../cryptlib.h rsa_saos.c
193rsa_saos.o: ../../include/openssl/x509_vfy.h ../cryptlib.h 196rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
194rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 197rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
195rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 198rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
196rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
197rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
198rsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h 199rsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
199rsa_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 200rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
200rsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h 201rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
201rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h 202rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
202rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
203rsa_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
204rsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
205rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h 203rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
206rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h 204rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
207rsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h 205rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
208rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h 206rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
209rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h 207rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
210rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h 208rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
211rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
212rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h 209rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
213rsa_sign.o: ../cryptlib.h 210rsa_sign.o: ../cryptlib.h rsa_sign.c
211rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
214rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 212rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
215rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 213rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
216rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 214rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
217rsa_ssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 215rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
218rsa_ssl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 216rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
219rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 217rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
220rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 218rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
221rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h 219rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
index bda636a365..030a6c88e5 100644
--- a/src/lib/libcrypto/rsa/rsa.h
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -59,13 +59,16 @@
59#ifndef HEADER_RSA_H 59#ifndef HEADER_RSA_H
60#define HEADER_RSA_H 60#define HEADER_RSA_H
61 61
62#ifndef NO_BIO 62#include <openssl/asn1.h>
63
64#ifndef OPENSSL_NO_BIO
63#include <openssl/bio.h> 65#include <openssl/bio.h>
64#endif 66#endif
65#include <openssl/bn.h> 67#include <openssl/bn.h>
66#include <openssl/crypto.h> 68#include <openssl/crypto.h>
69#include <openssl/ossl_typ.h>
67 70
68#ifdef NO_RSA 71#ifdef OPENSSL_NO_RSA
69#error RSA is disabled. 72#error RSA is disabled.
70#endif 73#endif
71 74
@@ -78,16 +81,20 @@ typedef struct rsa_st RSA;
78typedef struct rsa_meth_st 81typedef struct rsa_meth_st
79 { 82 {
80 const char *name; 83 const char *name;
81 int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to, 84 int (*rsa_pub_enc)(int flen,const unsigned char *from,
85 unsigned char *to,
82 RSA *rsa,int padding); 86 RSA *rsa,int padding);
83 int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to, 87 int (*rsa_pub_dec)(int flen,const unsigned char *from,
88 unsigned char *to,
84 RSA *rsa,int padding); 89 RSA *rsa,int padding);
85 int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to, 90 int (*rsa_priv_enc)(int flen,const unsigned char *from,
91 unsigned char *to,
86 RSA *rsa,int padding); 92 RSA *rsa,int padding);
87 int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, 93 int (*rsa_priv_dec)(int flen,const unsigned char *from,
94 unsigned char *to,
88 RSA *rsa,int padding); 95 RSA *rsa,int padding);
89 int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ 96 int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */
90 int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 97 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
91 const BIGNUM *m, BN_CTX *ctx, 98 const BIGNUM *m, BN_CTX *ctx,
92 BN_MONT_CTX *m_ctx); /* Can be null */ 99 BN_MONT_CTX *m_ctx); /* Can be null */
93 int (*init)(RSA *rsa); /* called at new */ 100 int (*init)(RSA *rsa); /* called at new */
@@ -101,10 +108,12 @@ typedef struct rsa_meth_st
101 * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER 108 * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
102 * option is set in 'flags'. 109 * option is set in 'flags'.
103 */ 110 */
104 int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, 111 int (*rsa_sign)(int type,
105 unsigned char *sigret, unsigned int *siglen, RSA *rsa); 112 const unsigned char *m, unsigned int m_length,
106 int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len, 113 unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
107 unsigned char *sigbuf, unsigned int siglen, RSA *rsa); 114 int (*rsa_verify)(int dtype,
115 const unsigned char *m, unsigned int m_length,
116 unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
108 117
109 } RSA_METHOD; 118 } RSA_METHOD;
110 119
@@ -113,12 +122,10 @@ struct rsa_st
113 /* The first parameter is used to pickup errors where 122 /* The first parameter is used to pickup errors where
114 * this is passed instead of aEVP_PKEY, it is set to 0 */ 123 * this is passed instead of aEVP_PKEY, it is set to 0 */
115 int pad; 124 int pad;
116 int version; 125 long version;
117#if 0 126 const RSA_METHOD *meth;
118 RSA_METHOD *meth; 127 /* functional reference if 'meth' is ENGINE-provided */
119#else 128 ENGINE *engine;
120 struct engine_st *engine;
121#endif
122 BIGNUM *n; 129 BIGNUM *n;
123 BIGNUM *e; 130 BIGNUM *e;
124 BIGNUM *d; 131 BIGNUM *d;
@@ -172,121 +179,108 @@ struct rsa_st
172#define RSA_get_app_data(s) RSA_get_ex_data(s,0) 179#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
173 180
174RSA * RSA_new(void); 181RSA * RSA_new(void);
175#if 0 182RSA * RSA_new_method(ENGINE *engine);
176RSA * RSA_new_method(RSA_METHOD *method); 183int RSA_size(const RSA *);
177#else
178RSA * RSA_new_method(struct engine_st *engine);
179#endif
180int RSA_size(RSA *);
181RSA * RSA_generate_key(int bits, unsigned long e,void 184RSA * RSA_generate_key(int bits, unsigned long e,void
182 (*callback)(int,int,void *),void *cb_arg); 185 (*callback)(int,int,void *),void *cb_arg);
183int RSA_check_key(RSA *); 186int RSA_check_key(const RSA *);
184 /* next 4 return -1 on error */ 187 /* next 4 return -1 on error */
185int RSA_public_encrypt(int flen, unsigned char *from, 188int RSA_public_encrypt(int flen, const unsigned char *from,
186 unsigned char *to, RSA *rsa,int padding); 189 unsigned char *to, RSA *rsa,int padding);
187int RSA_private_encrypt(int flen, unsigned char *from, 190int RSA_private_encrypt(int flen, const unsigned char *from,
188 unsigned char *to, RSA *rsa,int padding); 191 unsigned char *to, RSA *rsa,int padding);
189int RSA_public_decrypt(int flen, unsigned char *from, 192int RSA_public_decrypt(int flen, const unsigned char *from,
190 unsigned char *to, RSA *rsa,int padding); 193 unsigned char *to, RSA *rsa,int padding);
191int RSA_private_decrypt(int flen, unsigned char *from, 194int RSA_private_decrypt(int flen, const unsigned char *from,
192 unsigned char *to, RSA *rsa,int padding); 195 unsigned char *to, RSA *rsa,int padding);
193void RSA_free (RSA *r); 196void RSA_free (RSA *r);
197/* "up" the RSA object's reference count */
198int RSA_up_ref(RSA *r);
194 199
195int RSA_flags(RSA *r); 200int RSA_flags(const RSA *r);
196 201
197void RSA_set_default_openssl_method(RSA_METHOD *meth); 202void RSA_set_default_method(const RSA_METHOD *meth);
198RSA_METHOD *RSA_get_default_openssl_method(void); 203const RSA_METHOD *RSA_get_default_method(void);
199RSA_METHOD *RSA_get_method(RSA *rsa); 204const RSA_METHOD *RSA_get_method(const RSA *rsa);
200#if 0 205int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
201RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
202#else
203int RSA_set_method(RSA *rsa, struct engine_st *engine);
204#endif
205 206
206/* This function needs the memory locking malloc callbacks to be installed */ 207/* This function needs the memory locking malloc callbacks to be installed */
207int RSA_memory_lock(RSA *r); 208int RSA_memory_lock(RSA *r);
208 209
209/* If you have RSAref compiled in. */
210RSA_METHOD *RSA_PKCS1_RSAref(void);
211
212/* these are the actual SSLeay RSA functions */ 210/* these are the actual SSLeay RSA functions */
213RSA_METHOD *RSA_PKCS1_SSLeay(void); 211const RSA_METHOD *RSA_PKCS1_SSLeay(void);
214 212
215RSA_METHOD *RSA_null_method(void); 213const RSA_METHOD *RSA_null_method(void);
216 214
217void ERR_load_RSA_strings(void ); 215DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
216DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
218 217
219RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); 218#ifndef OPENSSL_NO_FP_API
220int i2d_RSAPublicKey(RSA *a, unsigned char **pp); 219int RSA_print_fp(FILE *fp, const RSA *r,int offset);
221RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
222int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
223#ifndef NO_FP_API
224int RSA_print_fp(FILE *fp, RSA *r,int offset);
225#endif 220#endif
226 221
227#ifndef NO_BIO 222#ifndef OPENSSL_NO_BIO
228int RSA_print(BIO *bp, RSA *r,int offset); 223int RSA_print(BIO *bp, const RSA *r,int offset);
229#endif 224#endif
230 225
231int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey); 226int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
232RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); 227RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
233RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey);
234 228
235int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); 229int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)());
236RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); 230RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
237/* Naughty internal function required elsewhere, to handle a MS structure
238 * that is the same as the netscape one :-) */
239RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
240 231
241/* The following 2 functions sign and verify a X509_SIG ASN1 object 232/* The following 2 functions sign and verify a X509_SIG ASN1 object
242 * inside PKCS#1 padded RSA encryption */ 233 * inside PKCS#1 padded RSA encryption */
243int RSA_sign(int type, unsigned char *m, unsigned int m_len, 234int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
244 unsigned char *sigret, unsigned int *siglen, RSA *rsa); 235 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
245int RSA_verify(int type, unsigned char *m, unsigned int m_len, 236int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
246 unsigned char *sigbuf, unsigned int siglen, RSA *rsa); 237 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
247 238
248/* The following 2 function sign and verify a ASN1_OCTET_STRING 239/* The following 2 function sign and verify a ASN1_OCTET_STRING
249 * object inside PKCS#1 padded RSA encryption */ 240 * object inside PKCS#1 padded RSA encryption */
250int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, 241int RSA_sign_ASN1_OCTET_STRING(int type,
242 const unsigned char *m, unsigned int m_length,
251 unsigned char *sigret, unsigned int *siglen, RSA *rsa); 243 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
252int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, 244int RSA_verify_ASN1_OCTET_STRING(int type,
245 const unsigned char *m, unsigned int m_length,
253 unsigned char *sigbuf, unsigned int siglen, RSA *rsa); 246 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
254 247
255int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); 248int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
256void RSA_blinding_off(RSA *rsa); 249void RSA_blinding_off(RSA *rsa);
257 250
258int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, 251int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
259 unsigned char *f,int fl); 252 const unsigned char *f,int fl);
260int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, 253int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
261 unsigned char *f,int fl,int rsa_len); 254 const unsigned char *f,int fl,int rsa_len);
262int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, 255int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
263 unsigned char *f,int fl); 256 const unsigned char *f,int fl);
264int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, 257int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
265 unsigned char *f,int fl,int rsa_len); 258 const unsigned char *f,int fl,int rsa_len);
266int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, 259int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
267 unsigned char *f,int fl,unsigned char *p, 260 const unsigned char *f,int fl,
268 int pl); 261 const unsigned char *p,int pl);
269int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen, 262int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,
270 unsigned char *f,int fl,int rsa_len, 263 const unsigned char *f,int fl,int rsa_len,
271 unsigned char *p,int pl); 264 const unsigned char *p,int pl);
272int RSA_padding_add_SSLv23(unsigned char *to,int tlen, 265int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
273 unsigned char *f,int fl); 266 const unsigned char *f,int fl);
274int RSA_padding_check_SSLv23(unsigned char *to,int tlen, 267int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
275 unsigned char *f,int fl,int rsa_len); 268 const unsigned char *f,int fl,int rsa_len);
276int RSA_padding_add_none(unsigned char *to,int tlen, 269int RSA_padding_add_none(unsigned char *to,int tlen,
277 unsigned char *f,int fl); 270 const unsigned char *f,int fl);
278int RSA_padding_check_none(unsigned char *to,int tlen, 271int RSA_padding_check_none(unsigned char *to,int tlen,
279 unsigned char *f,int fl,int rsa_len); 272 const unsigned char *f,int fl,int rsa_len);
280 273
281int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 274int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
282 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 275 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
283int RSA_set_ex_data(RSA *r,int idx,void *arg); 276int RSA_set_ex_data(RSA *r,int idx,void *arg);
284void *RSA_get_ex_data(RSA *r, int idx); 277void *RSA_get_ex_data(const RSA *r, int idx);
285 278
286/* BEGIN ERROR CODES */ 279/* BEGIN ERROR CODES */
287/* The following lines are auto generated by the script mkerr.pl. Any changes 280/* The following lines are auto generated by the script mkerr.pl. Any changes
288 * made after this point may be overwritten when the script is next run. 281 * made after this point may be overwritten when the script is next run.
289 */ 282 */
283void ERR_load_RSA_strings(void);
290 284
291/* Error codes for the RSA functions. */ 285/* Error codes for the RSA functions. */
292 286
@@ -328,6 +322,7 @@ void *RSA_get_ex_data(RSA *r, int idx);
328#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 322#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
329#define RSA_R_DATA_TOO_LARGE 109 323#define RSA_R_DATA_TOO_LARGE 109
330#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 324#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
325#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
331#define RSA_R_DATA_TOO_SMALL 111 326#define RSA_R_DATA_TOO_SMALL 111
332#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 327#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
333#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 328#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
@@ -354,4 +349,3 @@ void *RSA_get_ex_data(RSA *r, int idx);
354} 349}
355#endif 350#endif
356#endif 351#endif
357
diff --git a/src/lib/libcrypto/rsa/rsa_asn1.c b/src/lib/libcrypto/rsa/rsa_asn1.c
new file mode 100644
index 0000000000..1455a7e0e4
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_asn1.c
@@ -0,0 +1,121 @@
1/* rsa_asn1.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/asn1t.h>
64
65static ASN1_METHOD method={
66 (int (*)()) i2d_RSAPrivateKey,
67 (char *(*)())d2i_RSAPrivateKey,
68 (char *(*)())RSA_new,
69 (void (*)()) RSA_free};
70
71ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
72 {
73 return(&method);
74 }
75
76/* Override the default free and new methods */
77static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
78{
79 if(operation == ASN1_OP_NEW_PRE) {
80 *pval = (ASN1_VALUE *)RSA_new();
81 if(*pval) return 2;
82 return 0;
83 } else if(operation == ASN1_OP_FREE_PRE) {
84 RSA_free((RSA *)*pval);
85 *pval = NULL;
86 return 2;
87 }
88 return 1;
89}
90
91ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
92 ASN1_SIMPLE(RSA, version, LONG),
93 ASN1_SIMPLE(RSA, n, BIGNUM),
94 ASN1_SIMPLE(RSA, e, BIGNUM),
95 ASN1_SIMPLE(RSA, d, BIGNUM),
96 ASN1_SIMPLE(RSA, p, BIGNUM),
97 ASN1_SIMPLE(RSA, q, BIGNUM),
98 ASN1_SIMPLE(RSA, dmp1, BIGNUM),
99 ASN1_SIMPLE(RSA, dmq1, BIGNUM),
100 ASN1_SIMPLE(RSA, iqmp, BIGNUM)
101} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
102
103
104ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
105 ASN1_SIMPLE(RSA, n, BIGNUM),
106 ASN1_SIMPLE(RSA, e, BIGNUM),
107} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
108
109IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
110
111IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
112
113RSA *RSAPublicKey_dup(RSA *rsa)
114 {
115 return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
116 }
117
118RSA *RSAPrivateKey_dup(RSA *rsa)
119 {
120 return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
121 }
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c
index 91b9115798..002f2cb487 100644
--- a/src/lib/libcrypto/rsa/rsa_chk.c
+++ b/src/lib/libcrypto/rsa/rsa_chk.c
@@ -53,7 +53,7 @@
53#include <openssl/rsa.h> 53#include <openssl/rsa.h>
54 54
55 55
56int RSA_check_key(RSA *key) 56int RSA_check_key(const RSA *key)
57 { 57 {
58 BIGNUM *i, *j, *k, *l, *m; 58 BIGNUM *i, *j, *k, *l, *m;
59 BN_CTX *ctx; 59 BN_CTX *ctx;
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index cde5ca27d5..d82dd15493 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -65,46 +65,46 @@
65 65
66#ifndef RSA_NULL 66#ifndef RSA_NULL
67 67
68static int RSA_eay_public_encrypt(int flen, unsigned char *from, 68static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
69 unsigned char *to, RSA *rsa,int padding); 69 unsigned char *to, RSA *rsa,int padding);
70static int RSA_eay_private_encrypt(int flen, unsigned char *from, 70static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
71 unsigned char *to, RSA *rsa,int padding); 71 unsigned char *to, RSA *rsa,int padding);
72static int RSA_eay_public_decrypt(int flen, unsigned char *from, 72static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
73 unsigned char *to, RSA *rsa,int padding); 73 unsigned char *to, RSA *rsa,int padding);
74static int RSA_eay_private_decrypt(int flen, unsigned char *from, 74static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
75 unsigned char *to, RSA *rsa,int padding); 75 unsigned char *to, RSA *rsa,int padding);
76static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); 76static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa);
77static int RSA_eay_init(RSA *rsa); 77static int RSA_eay_init(RSA *rsa);
78static int RSA_eay_finish(RSA *rsa); 78static int RSA_eay_finish(RSA *rsa);
79static RSA_METHOD rsa_pkcs1_eay_meth={ 79static RSA_METHOD rsa_pkcs1_eay_meth={
80 "Eric Young's PKCS#1 RSA", 80 "Eric Young's PKCS#1 RSA",
81 RSA_eay_public_encrypt, 81 RSA_eay_public_encrypt,
82 RSA_eay_public_decrypt, 82 RSA_eay_public_decrypt, /* signature verification */
83 RSA_eay_private_encrypt, 83 RSA_eay_private_encrypt, /* signing */
84 RSA_eay_private_decrypt, 84 RSA_eay_private_decrypt,
85 RSA_eay_mod_exp, 85 RSA_eay_mod_exp,
86 BN_mod_exp_mont, 86 BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */
87 RSA_eay_init, 87 RSA_eay_init,
88 RSA_eay_finish, 88 RSA_eay_finish,
89 0, 89 0, /* flags */
90 NULL, 90 NULL,
91 0, /* rsa_sign */
92 0 /* rsa_verify */
91 }; 93 };
92 94
93RSA_METHOD *RSA_PKCS1_SSLeay(void) 95const RSA_METHOD *RSA_PKCS1_SSLeay(void)
94 { 96 {
95 return(&rsa_pkcs1_eay_meth); 97 return(&rsa_pkcs1_eay_meth);
96 } 98 }
97 99
98static int RSA_eay_public_encrypt(int flen, unsigned char *from, 100static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
99 unsigned char *to, RSA *rsa, int padding) 101 unsigned char *to, RSA *rsa, int padding)
100 { 102 {
101 const RSA_METHOD *meth;
102 BIGNUM f,ret; 103 BIGNUM f,ret;
103 int i,j,k,num=0,r= -1; 104 int i,j,k,num=0,r= -1;
104 unsigned char *buf=NULL; 105 unsigned char *buf=NULL;
105 BN_CTX *ctx=NULL; 106 BN_CTX *ctx=NULL;
106 107
107 meth = ENGINE_get_RSA(rsa->engine);
108 BN_init(&f); 108 BN_init(&f);
109 BN_init(&ret); 109 BN_init(&ret);
110 if ((ctx=BN_CTX_new()) == NULL) goto err; 110 if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -120,7 +120,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
120 case RSA_PKCS1_PADDING: 120 case RSA_PKCS1_PADDING:
121 i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen); 121 i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
122 break; 122 break;
123#ifndef NO_SHA 123#ifndef OPENSSL_NO_SHA
124 case RSA_PKCS1_OAEP_PADDING: 124 case RSA_PKCS1_OAEP_PADDING:
125 i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0); 125 i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
126 break; 126 break;
@@ -139,6 +139,13 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
139 139
140 if (BN_bin2bn(buf,num,&f) == NULL) goto err; 140 if (BN_bin2bn(buf,num,&f) == NULL) goto err;
141 141
142 if (BN_ucmp(&f, rsa->n) >= 0)
143 {
144 /* usually the padding functions would catch this */
145 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
146 goto err;
147 }
148
142 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) 149 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
143 { 150 {
144 BN_MONT_CTX* bn_mont_ctx; 151 BN_MONT_CTX* bn_mont_ctx;
@@ -162,8 +169,8 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
162 if (bn_mont_ctx) 169 if (bn_mont_ctx)
163 BN_MONT_CTX_free(bn_mont_ctx); 170 BN_MONT_CTX_free(bn_mont_ctx);
164 } 171 }
165 172
166 if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, 173 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
167 rsa->_method_mod_n)) goto err; 174 rsa->_method_mod_n)) goto err;
168 175
169 /* put in leading 0 bytes if the number is less than the 176 /* put in leading 0 bytes if the number is less than the
@@ -186,16 +193,15 @@ err:
186 return(r); 193 return(r);
187 } 194 }
188 195
189static int RSA_eay_private_encrypt(int flen, unsigned char *from, 196/* signing */
197static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
190 unsigned char *to, RSA *rsa, int padding) 198 unsigned char *to, RSA *rsa, int padding)
191 { 199 {
192 const RSA_METHOD *meth;
193 BIGNUM f,ret; 200 BIGNUM f,ret;
194 int i,j,k,num=0,r= -1; 201 int i,j,k,num=0,r= -1;
195 unsigned char *buf=NULL; 202 unsigned char *buf=NULL;
196 BN_CTX *ctx=NULL; 203 BN_CTX *ctx=NULL;
197 204
198 meth = ENGINE_get_RSA(rsa->engine);
199 BN_init(&f); 205 BN_init(&f);
200 BN_init(&ret); 206 BN_init(&ret);
201 207
@@ -223,6 +229,13 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
223 if (i <= 0) goto err; 229 if (i <= 0) goto err;
224 230
225 if (BN_bin2bn(buf,num,&f) == NULL) goto err; 231 if (BN_bin2bn(buf,num,&f) == NULL) goto err;
232
233 if (BN_ucmp(&f, rsa->n) >= 0)
234 {
235 /* usually the padding functions would catch this */
236 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
237 goto err;
238 }
226 239
227 if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) 240 if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
228 RSA_blinding_on(rsa,ctx); 241 RSA_blinding_on(rsa,ctx);
@@ -235,10 +248,10 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
235 (rsa->dmp1 != NULL) && 248 (rsa->dmp1 != NULL) &&
236 (rsa->dmq1 != NULL) && 249 (rsa->dmq1 != NULL) &&
237 (rsa->iqmp != NULL)) ) 250 (rsa->iqmp != NULL)) )
238 { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } 251 { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
239 else 252 else
240 { 253 {
241 if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; 254 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
242 } 255 }
243 256
244 if (rsa->flags & RSA_FLAG_BLINDING) 257 if (rsa->flags & RSA_FLAG_BLINDING)
@@ -264,17 +277,15 @@ err:
264 return(r); 277 return(r);
265 } 278 }
266 279
267static int RSA_eay_private_decrypt(int flen, unsigned char *from, 280static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
268 unsigned char *to, RSA *rsa, int padding) 281 unsigned char *to, RSA *rsa, int padding)
269 { 282 {
270 const RSA_METHOD *meth;
271 BIGNUM f,ret; 283 BIGNUM f,ret;
272 int j,num=0,r= -1; 284 int j,num=0,r= -1;
273 unsigned char *p; 285 unsigned char *p;
274 unsigned char *buf=NULL; 286 unsigned char *buf=NULL;
275 BN_CTX *ctx=NULL; 287 BN_CTX *ctx=NULL;
276 288
277 meth = ENGINE_get_RSA(rsa->engine);
278 BN_init(&f); 289 BN_init(&f);
279 BN_init(&ret); 290 BN_init(&ret);
280 ctx=BN_CTX_new(); 291 ctx=BN_CTX_new();
@@ -299,6 +310,12 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
299 /* make data into a big number */ 310 /* make data into a big number */
300 if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; 311 if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
301 312
313 if (BN_ucmp(&f, rsa->n) >= 0)
314 {
315 RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
316 goto err;
317 }
318
302 if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) 319 if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
303 RSA_blinding_on(rsa,ctx); 320 RSA_blinding_on(rsa,ctx);
304 if (rsa->flags & RSA_FLAG_BLINDING) 321 if (rsa->flags & RSA_FLAG_BLINDING)
@@ -311,10 +328,10 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
311 (rsa->dmp1 != NULL) && 328 (rsa->dmp1 != NULL) &&
312 (rsa->dmq1 != NULL) && 329 (rsa->dmq1 != NULL) &&
313 (rsa->iqmp != NULL)) ) 330 (rsa->iqmp != NULL)) )
314 { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } 331 { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
315 else 332 else
316 { 333 {
317 if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) 334 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
318 goto err; 335 goto err;
319 } 336 }
320 337
@@ -329,7 +346,7 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
329 case RSA_PKCS1_PADDING: 346 case RSA_PKCS1_PADDING:
330 r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num); 347 r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
331 break; 348 break;
332#ifndef NO_SHA 349#ifndef OPENSSL_NO_SHA
333 case RSA_PKCS1_OAEP_PADDING: 350 case RSA_PKCS1_OAEP_PADDING:
334 r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0); 351 r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
335 break; 352 break;
@@ -359,17 +376,16 @@ err:
359 return(r); 376 return(r);
360 } 377 }
361 378
362static int RSA_eay_public_decrypt(int flen, unsigned char *from, 379/* signature verification */
380static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
363 unsigned char *to, RSA *rsa, int padding) 381 unsigned char *to, RSA *rsa, int padding)
364 { 382 {
365 const RSA_METHOD *meth;
366 BIGNUM f,ret; 383 BIGNUM f,ret;
367 int i,num=0,r= -1; 384 int i,num=0,r= -1;
368 unsigned char *p; 385 unsigned char *p;
369 unsigned char *buf=NULL; 386 unsigned char *buf=NULL;
370 BN_CTX *ctx=NULL; 387 BN_CTX *ctx=NULL;
371 388
372 meth = ENGINE_get_RSA(rsa->engine);
373 BN_init(&f); 389 BN_init(&f);
374 BN_init(&ret); 390 BN_init(&ret);
375 ctx=BN_CTX_new(); 391 ctx=BN_CTX_new();
@@ -392,6 +408,13 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
392 } 408 }
393 409
394 if (BN_bin2bn(from,flen,&f) == NULL) goto err; 410 if (BN_bin2bn(from,flen,&f) == NULL) goto err;
411
412 if (BN_ucmp(&f, rsa->n) >= 0)
413 {
414 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
415 goto err;
416 }
417
395 /* do the decrypt */ 418 /* do the decrypt */
396 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) 419 if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
397 { 420 {
@@ -416,8 +439,8 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
416 if (bn_mont_ctx) 439 if (bn_mont_ctx)
417 BN_MONT_CTX_free(bn_mont_ctx); 440 BN_MONT_CTX_free(bn_mont_ctx);
418 } 441 }
419 442
420 if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, 443 if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
421 rsa->_method_mod_n)) goto err; 444 rsa->_method_mod_n)) goto err;
422 445
423 p=buf; 446 p=buf;
@@ -450,14 +473,12 @@ err:
450 return(r); 473 return(r);
451 } 474 }
452 475
453static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) 476static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
454 { 477 {
455 const RSA_METHOD *meth;
456 BIGNUM r1,m1,vrfy; 478 BIGNUM r1,m1,vrfy;
457 int ret=0; 479 int ret=0;
458 BN_CTX *ctx; 480 BN_CTX *ctx;
459 481
460 meth = ENGINE_get_RSA(rsa->engine);
461 if ((ctx=BN_CTX_new()) == NULL) goto err; 482 if ((ctx=BN_CTX_new()) == NULL) goto err;
462 BN_init(&m1); 483 BN_init(&m1);
463 BN_init(&r1); 484 BN_init(&r1);
@@ -515,11 +536,11 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
515 } 536 }
516 537
517 if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; 538 if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
518 if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, 539 if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
519 rsa->_method_mod_q)) goto err; 540 rsa->_method_mod_q)) goto err;
520 541
521 if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; 542 if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
522 if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, 543 if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
523 rsa->_method_mod_p)) goto err; 544 rsa->_method_mod_p)) goto err;
524 545
525 if (!BN_sub(r0,r0,&m1)) goto err; 546 if (!BN_sub(r0,r0,&m1)) goto err;
@@ -544,11 +565,20 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
544 565
545 if (rsa->e && rsa->n) 566 if (rsa->e && rsa->n)
546 { 567 {
547 if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; 568 if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
548 if (BN_cmp(I, &vrfy) != 0) 569 /* If 'I' was greater than (or equal to) rsa->n, the operation
549 { 570 * will be equivalent to using 'I mod n'. However, the result of
550 if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; 571 * the verify will *always* be less than 'n' so we don't check
551 } 572 * for absolute equality, just congruency. */
573 if (!BN_sub(&vrfy, &vrfy, I)) goto err;
574 if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err;
575 if (vrfy.neg)
576 if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err;
577 if (!BN_is_zero(&vrfy))
578 /* 'I' and 'vrfy' aren't congruent mod n. Don't leak
579 * miscalculated CRT output, just do a raw (slower)
580 * mod_exp and return that instead. */
581 if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
552 } 582 }
553 ret=1; 583 ret=1;
554err: 584err:
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
index 1cde7c0da4..a7766c3b76 100644
--- a/src/lib/libcrypto/rsa/rsa_err.c
+++ b/src/lib/libcrypto/rsa/rsa_err.c
@@ -63,7 +63,7 @@
63#include <openssl/rsa.h> 63#include <openssl/rsa.h>
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef NO_ERR 66#ifndef OPENSSL_NO_ERR
67static ERR_STRING_DATA RSA_str_functs[]= 67static ERR_STRING_DATA RSA_str_functs[]=
68 { 68 {
69{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"}, 69{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"},
@@ -106,6 +106,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
106{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"}, 106{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
107{RSA_R_DATA_TOO_LARGE ,"data too large"}, 107{RSA_R_DATA_TOO_LARGE ,"data too large"},
108{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, 108{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
109{RSA_R_DATA_TOO_LARGE_FOR_MODULUS ,"data too large for modulus"},
109{RSA_R_DATA_TOO_SMALL ,"data too small"}, 110{RSA_R_DATA_TOO_SMALL ,"data too small"},
110{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"}, 111{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
111{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"}, 112{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
@@ -139,7 +140,7 @@ void ERR_load_RSA_strings(void)
139 if (init) 140 if (init)
140 { 141 {
141 init=0; 142 init=0;
142#ifndef NO_ERR 143#ifndef OPENSSL_NO_ERR
143 ERR_load_strings(ERR_LIB_RSA,RSA_str_functs); 144 ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
144 ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons); 145 ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
145#endif 146#endif
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index 94395cc22c..93235744f7 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -66,42 +66,26 @@
66 66
67const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; 67const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
68 68
69static RSA_METHOD *default_RSA_meth=NULL; 69static const RSA_METHOD *default_RSA_meth=NULL;
70static int rsa_meth_num=0;
71static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
72 70
73RSA *RSA_new(void) 71RSA *RSA_new(void)
74 { 72 {
75 return(RSA_new_method(NULL)); 73 return(RSA_new_method(NULL));
76 } 74 }
77 75
78void RSA_set_default_openssl_method(RSA_METHOD *meth) 76void RSA_set_default_method(const RSA_METHOD *meth)
79 { 77 {
80 ENGINE *e; 78 default_RSA_meth = meth;
81 /* We'll need to notify the "openssl" ENGINE of this
82 * change too. We won't bother locking things down at
83 * our end as there was never any locking in these
84 * functions! */
85 if(default_RSA_meth != meth)
86 {
87 default_RSA_meth = meth;
88 e = ENGINE_by_id("openssl");
89 if(e)
90 {
91 ENGINE_set_RSA(e, meth);
92 ENGINE_free(e);
93 }
94 }
95 } 79 }
96 80
97RSA_METHOD *RSA_get_default_openssl_method(void) 81const RSA_METHOD *RSA_get_default_method(void)
98{ 82 {
99 if (default_RSA_meth == NULL) 83 if (default_RSA_meth == NULL)
100 { 84 {
101#ifdef RSA_NULL 85#ifdef RSA_NULL
102 default_RSA_meth=RSA_null_method(); 86 default_RSA_meth=RSA_null_method();
103#else 87#else
104#ifdef RSAref 88#if 0 /* was: #ifdef RSAref */
105 default_RSA_meth=RSA_PKCS1_RSAref(); 89 default_RSA_meth=RSA_PKCS1_RSAref();
106#else 90#else
107 default_RSA_meth=RSA_PKCS1_SSLeay(); 91 default_RSA_meth=RSA_PKCS1_SSLeay();
@@ -110,69 +94,66 @@ RSA_METHOD *RSA_get_default_openssl_method(void)
110 } 94 }
111 95
112 return default_RSA_meth; 96 return default_RSA_meth;
113} 97 }
114 98
115RSA_METHOD *RSA_get_method(RSA *rsa) 99const RSA_METHOD *RSA_get_method(const RSA *rsa)
116{ 100 {
117 return ENGINE_get_RSA(rsa->engine); 101 return rsa->meth;
118} 102 }
119 103
120#if 0 104int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
121RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) 105 {
122{ 106 /* NB: The caller is specifically setting a method, so it's not up to us
123 RSA_METHOD *mtmp; 107 * to deal with which ENGINE it comes from. */
108 const RSA_METHOD *mtmp;
124 mtmp = rsa->meth; 109 mtmp = rsa->meth;
125 if (mtmp->finish) mtmp->finish(rsa); 110 if (mtmp->finish) mtmp->finish(rsa);
111 if (rsa->engine)
112 {
113 ENGINE_finish(rsa->engine);
114 rsa->engine = NULL;
115 }
126 rsa->meth = meth; 116 rsa->meth = meth;
127 if (meth->init) meth->init(rsa); 117 if (meth->init) meth->init(rsa);
128 return mtmp;
129}
130#else
131int RSA_set_method(RSA *rsa, ENGINE *engine)
132{
133 ENGINE *mtmp;
134 RSA_METHOD *meth;
135 mtmp = rsa->engine;
136 meth = ENGINE_get_RSA(mtmp);
137 if (!ENGINE_init(engine))
138 return 0;
139 if (meth->finish) meth->finish(rsa);
140 rsa->engine = engine;
141 meth = ENGINE_get_RSA(engine);
142 if (meth->init) meth->init(rsa);
143 /* SHOULD ERROR CHECK THIS!!! */
144 ENGINE_finish(mtmp);
145 return 1; 118 return 1;
146} 119 }
147#endif
148 120
149#if 0
150RSA *RSA_new_method(RSA_METHOD *meth)
151#else
152RSA *RSA_new_method(ENGINE *engine) 121RSA *RSA_new_method(ENGINE *engine)
153#endif
154 { 122 {
155 RSA_METHOD *meth;
156 RSA *ret; 123 RSA *ret;
157 124
158 ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); 125 ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
159 if (ret == NULL) 126 if (ret == NULL)
160 { 127 {
161 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); 128 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
162 return(NULL); 129 return NULL;
163 } 130 }
164 131
165 if (engine == NULL) 132 ret->meth = RSA_get_default_method();
133 if (engine)
166 { 134 {
167 if((ret->engine=ENGINE_get_default_RSA()) == NULL) 135 if (!ENGINE_init(engine))
168 { 136 {
137 RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
169 OPENSSL_free(ret); 138 OPENSSL_free(ret);
170 return NULL; 139 return NULL;
171 } 140 }
141 ret->engine = engine;
172 } 142 }
173 else 143 else
174 ret->engine=engine; 144 ret->engine = ENGINE_get_default_RSA();
175 meth = ENGINE_get_RSA(ret->engine); 145 if(ret->engine)
146 {
147 ret->meth = ENGINE_get_RSA(ret->engine);
148 if(!ret->meth)
149 {
150 RSAerr(RSA_F_RSA_NEW_METHOD,
151 ERR_R_ENGINE_LIB);
152 ENGINE_finish(ret->engine);
153 OPENSSL_free(ret);
154 return NULL;
155 }
156 }
176 157
177 ret->pad=0; 158 ret->pad=0;
178 ret->version=0; 159 ret->version=0;
@@ -190,11 +171,13 @@ RSA *RSA_new_method(ENGINE *engine)
190 ret->_method_mod_q=NULL; 171 ret->_method_mod_q=NULL;
191 ret->blinding=NULL; 172 ret->blinding=NULL;
192 ret->bignum_data=NULL; 173 ret->bignum_data=NULL;
193 ret->flags=meth->flags; 174 ret->flags=ret->meth->flags;
194 CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); 175 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
195 if ((meth->init != NULL) && !meth->init(ret)) 176 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
196 { 177 {
197 CRYPTO_free_ex_data(rsa_meth,ret,&ret->ex_data); 178 if (ret->engine)
179 ENGINE_finish(ret->engine);
180 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
198 OPENSSL_free(ret); 181 OPENSSL_free(ret);
199 ret=NULL; 182 ret=NULL;
200 } 183 }
@@ -203,7 +186,6 @@ RSA *RSA_new_method(ENGINE *engine)
203 186
204void RSA_free(RSA *r) 187void RSA_free(RSA *r)
205 { 188 {
206 RSA_METHOD *meth;
207 int i; 189 int i;
208 190
209 if (r == NULL) return; 191 if (r == NULL) return;
@@ -221,12 +203,12 @@ void RSA_free(RSA *r)
221 } 203 }
222#endif 204#endif
223 205
224 meth = ENGINE_get_RSA(r->engine); 206 if (r->meth->finish)
225 if (meth->finish != NULL) 207 r->meth->finish(r);
226 meth->finish(r); 208 if (r->engine)
227 ENGINE_finish(r->engine); 209 ENGINE_finish(r->engine);
228 210
229 CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); 211 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
230 212
231 if (r->n != NULL) BN_clear_free(r->n); 213 if (r->n != NULL) BN_clear_free(r->n);
232 if (r->e != NULL) BN_clear_free(r->e); 214 if (r->e != NULL) BN_clear_free(r->e);
@@ -241,12 +223,27 @@ void RSA_free(RSA *r)
241 OPENSSL_free(r); 223 OPENSSL_free(r);
242 } 224 }
243 225
226int RSA_up_ref(RSA *r)
227 {
228 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
229#ifdef REF_PRINT
230 REF_PRINT("RSA",r);
231#endif
232#ifdef REF_CHECK
233 if (i < 2)
234 {
235 fprintf(stderr, "RSA_up_ref, bad reference count\n");
236 abort();
237 }
238#endif
239 return ((i > 1) ? 1 : 0);
240 }
241
244int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 242int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
245 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 243 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
246 { 244 {
247 rsa_meth_num++; 245 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
248 return(CRYPTO_get_ex_new_index(rsa_meth_num-1, 246 new_func, dup_func, free_func);
249 &rsa_meth,argl,argp,new_func,dup_func,free_func));
250 } 247 }
251 248
252int RSA_set_ex_data(RSA *r, int idx, void *arg) 249int RSA_set_ex_data(RSA *r, int idx, void *arg)
@@ -254,47 +251,43 @@ int RSA_set_ex_data(RSA *r, int idx, void *arg)
254 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); 251 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
255 } 252 }
256 253
257void *RSA_get_ex_data(RSA *r, int idx) 254void *RSA_get_ex_data(const RSA *r, int idx)
258 { 255 {
259 return(CRYPTO_get_ex_data(&r->ex_data,idx)); 256 return(CRYPTO_get_ex_data(&r->ex_data,idx));
260 } 257 }
261 258
262int RSA_size(RSA *r) 259int RSA_size(const RSA *r)
263 { 260 {
264 return(BN_num_bytes(r->n)); 261 return(BN_num_bytes(r->n));
265 } 262 }
266 263
267int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, 264int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
268 RSA *rsa, int padding) 265 RSA *rsa, int padding)
269 { 266 {
270 return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen, 267 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
271 from, to, rsa, padding));
272 } 268 }
273 269
274int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, 270int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
275 RSA *rsa, int padding) 271 RSA *rsa, int padding)
276 { 272 {
277 return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen, 273 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
278 from, to, rsa, padding));
279 } 274 }
280 275
281int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, 276int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
282 RSA *rsa, int padding) 277 RSA *rsa, int padding)
283 { 278 {
284 return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen, 279 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
285 from, to, rsa, padding));
286 } 280 }
287 281
288int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, 282int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
289 RSA *rsa, int padding) 283 RSA *rsa, int padding)
290 { 284 {
291 return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen, 285 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
292 from, to, rsa, padding));
293 } 286 }
294 287
295int RSA_flags(RSA *r) 288int RSA_flags(const RSA *r)
296 { 289 {
297 return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags); 290 return((r == NULL)?0:r->meth->flags);
298 } 291 }
299 292
300void RSA_blinding_off(RSA *rsa) 293void RSA_blinding_off(RSA *rsa)
@@ -328,8 +321,7 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
328 if (!BN_rand_range(A,rsa->n)) goto err; 321 if (!BN_rand_range(A,rsa->n)) goto err;
329 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; 322 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
330 323
331 if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A, 324 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
332 rsa->e,rsa->n,ctx,rsa->_method_mod_n))
333 goto err; 325 goto err;
334 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); 326 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
335 rsa->flags|=RSA_FLAG_BLINDING; 327 rsa->flags|=RSA_FLAG_BLINDING;
@@ -385,4 +377,3 @@ int RSA_memory_lock(RSA *r)
385 r->bignum_data=p; 377 r->bignum_data=p;
386 return(1); 378 return(1);
387 } 379 }
388
diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c
index f22fce5016..e6f3e627ca 100644
--- a/src/lib/libcrypto/rsa/rsa_none.c
+++ b/src/lib/libcrypto/rsa/rsa_none.c
@@ -62,8 +62,8 @@
62#include <openssl/rsa.h> 62#include <openssl/rsa.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, 65int RSA_padding_add_none(unsigned char *to, int tlen,
66 int flen) 66 const unsigned char *from, int flen)
67 { 67 {
68 if (flen > tlen) 68 if (flen > tlen)
69 { 69 {
@@ -81,8 +81,8 @@ int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from,
81 return(1); 81 return(1);
82 } 82 }
83 83
84int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from, 84int RSA_padding_check_none(unsigned char *to, int tlen,
85 int flen, int num) 85 const unsigned char *from, int flen, int num)
86 { 86 {
87 87
88 if (flen > tlen) 88 if (flen > tlen)
diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c
index 7b58a0eca3..64057fbdcf 100644
--- a/src/lib/libcrypto/rsa/rsa_null.c
+++ b/src/lib/libcrypto/rsa/rsa_null.c
@@ -69,16 +69,16 @@
69 * operations (like storing RSA keys) are permitted. 69 * operations (like storing RSA keys) are permitted.
70 */ 70 */
71 71
72static int RSA_null_public_encrypt(int flen, unsigned char *from, 72static int RSA_null_public_encrypt(int flen, const unsigned char *from,
73 unsigned char *to, RSA *rsa,int padding); 73 unsigned char *to, RSA *rsa,int padding);
74static int RSA_null_private_encrypt(int flen, unsigned char *from, 74static int RSA_null_private_encrypt(int flen, const unsigned char *from,
75 unsigned char *to, RSA *rsa,int padding); 75 unsigned char *to, RSA *rsa,int padding);
76static int RSA_null_public_decrypt(int flen, unsigned char *from, 76static int RSA_null_public_decrypt(int flen, const unsigned char *from,
77 unsigned char *to, RSA *rsa,int padding); 77 unsigned char *to, RSA *rsa,int padding);
78static int RSA_null_private_decrypt(int flen, unsigned char *from, 78static int RSA_null_private_decrypt(int flen, const unsigned char *from,
79 unsigned char *to, RSA *rsa,int padding); 79 unsigned char *to, RSA *rsa,int padding);
80#if 0 /* not currently used */ 80#if 0 /* not currently used */
81static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); 81static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa);
82#endif 82#endif
83static int RSA_null_init(RSA *rsa); 83static int RSA_null_init(RSA *rsa);
84static int RSA_null_finish(RSA *rsa); 84static int RSA_null_finish(RSA *rsa);
@@ -88,40 +88,41 @@ static RSA_METHOD rsa_null_meth={
88 RSA_null_public_decrypt, 88 RSA_null_public_decrypt,
89 RSA_null_private_encrypt, 89 RSA_null_private_encrypt,
90 RSA_null_private_decrypt, 90 RSA_null_private_decrypt,
91 NULL, NULL, 91 NULL,
92 NULL,
92 RSA_null_init, 93 RSA_null_init,
93 RSA_null_finish, 94 RSA_null_finish,
94 0, 95 0,
95 NULL, 96 NULL,
96 }; 97 };
97 98
98RSA_METHOD *RSA_null_method(void) 99const RSA_METHOD *RSA_null_method(void)
99 { 100 {
100 return(&rsa_null_meth); 101 return(&rsa_null_meth);
101 } 102 }
102 103
103static int RSA_null_public_encrypt(int flen, unsigned char *from, 104static int RSA_null_public_encrypt(int flen, const unsigned char *from,
104 unsigned char *to, RSA *rsa, int padding) 105 unsigned char *to, RSA *rsa, int padding)
105 { 106 {
106 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); 107 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
107 return -1; 108 return -1;
108 } 109 }
109 110
110static int RSA_null_private_encrypt(int flen, unsigned char *from, 111static int RSA_null_private_encrypt(int flen, const unsigned char *from,
111 unsigned char *to, RSA *rsa, int padding) 112 unsigned char *to, RSA *rsa, int padding)
112 { 113 {
113 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); 114 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
114 return -1; 115 return -1;
115 } 116 }
116 117
117static int RSA_null_private_decrypt(int flen, unsigned char *from, 118static int RSA_null_private_decrypt(int flen, const unsigned char *from,
118 unsigned char *to, RSA *rsa, int padding) 119 unsigned char *to, RSA *rsa, int padding)
119 { 120 {
120 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); 121 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
121 return -1; 122 return -1;
122 } 123 }
123 124
124static int RSA_null_public_decrypt(int flen, unsigned char *from, 125static int RSA_null_public_decrypt(int flen, const unsigned char *from,
125 unsigned char *to, RSA *rsa, int padding) 126 unsigned char *to, RSA *rsa, int padding)
126 { 127 {
127 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); 128 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index 1849e55cd5..e3f7c608ec 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -2,167 +2,205 @@
2/* Written by Ulf Moeller. This software is distributed on an "AS IS" 2/* Written by Ulf Moeller. This software is distributed on an "AS IS"
3 basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ 3 basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
4 4
5/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ 5/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
6 6
7#if !defined(NO_SHA) && !defined(NO_SHA1) 7/* See Victor Shoup, "OAEP reconsidered," Nov. 2000,
8 * <URL: http://www.shoup.net/papers/oaep.ps.Z>
9 * for problems with the security proof for the
10 * original OAEP scheme, which EME-OAEP is based on.
11 *
12 * A new proof can be found in E. Fujisaki, T. Okamoto,
13 * D. Pointcheval, J. Stern, "RSA-OEAP is Still Alive!",
14 * Dec. 2000, <URL: http://eprint.iacr.org/2000/061/>.
15 * The new proof has stronger requirements for the
16 * underlying permutation: "partial-one-wayness" instead
17 * of one-wayness. For the RSA function, this is
18 * an equivalent notion.
19 */
20
21
22#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
8#include <stdio.h> 23#include <stdio.h>
9#include "cryptlib.h" 24#include "cryptlib.h"
10#include <openssl/bn.h> 25#include <openssl/bn.h>
11#include <openssl/rsa.h> 26#include <openssl/rsa.h>
12#include <openssl/sha.h> 27#include <openssl/evp.h>
13#include <openssl/rand.h> 28#include <openssl/rand.h>
29#include <openssl/sha.h>
14 30
15int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen); 31int MGF1(unsigned char *mask, long len,
32 const unsigned char *seed, long seedlen);
16 33
17int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, 34int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
18 unsigned char *from, int flen, unsigned char *param, int plen) 35 const unsigned char *from, int flen,
19 { 36 const unsigned char *param, int plen)
20 int i, emlen = tlen - 1;
21 unsigned char *db, *seed;
22 unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
23
24 if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1)
25 { 37 {
26 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, 38 int i, emlen = tlen - 1;
27 RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); 39 unsigned char *db, *seed;
28 return (0); 40 unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
29 }
30 41
31 if (emlen < 2 * SHA_DIGEST_LENGTH + 1) 42 if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1)
32 { 43 {
33 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL); 44 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
34 return (0); 45 RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
35 } 46 return 0;
36 47 }
37 dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); 48
38 if (dbmask == NULL) 49 if (emlen < 2 * SHA_DIGEST_LENGTH + 1)
39 { 50 {
40 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); 51 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL);
41 return (0); 52 return 0;
42 } 53 }
54
55 dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
56 if (dbmask == NULL)
57 {
58 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
59 return 0;
60 }
43 61
44 to[0] = 0; 62 to[0] = 0;
45 seed = to + 1; 63 seed = to + 1;
46 db = to + SHA_DIGEST_LENGTH + 1; 64 db = to + SHA_DIGEST_LENGTH + 1;
47 65
48 SHA1(param, plen, db); 66 EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
49 memset(db + SHA_DIGEST_LENGTH, 0, 67 memset(db + SHA_DIGEST_LENGTH, 0,
50 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); 68 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
51 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; 69 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
52 memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen); 70 memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
53 if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0) 71 if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
54 return (0); 72 return 0;
55#ifdef PKCS_TESTVECT 73#ifdef PKCS_TESTVECT
56 memcpy(seed, 74 memcpy(seed,
57 "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f", 75 "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
58 20); 76 20);
59#endif 77#endif
60 78
61 MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); 79 MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
62 for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) 80 for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
63 db[i] ^= dbmask[i]; 81 db[i] ^= dbmask[i];
64 82
65 MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); 83 MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
66 for (i = 0; i < SHA_DIGEST_LENGTH; i++) 84 for (i = 0; i < SHA_DIGEST_LENGTH; i++)
67 seed[i] ^= seedmask[i]; 85 seed[i] ^= seedmask[i];
68 86
69 OPENSSL_free(dbmask); 87 OPENSSL_free(dbmask);
70 return (1); 88 return 1;
71 } 89 }
72 90
73int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, 91int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
74 unsigned char *from, int flen, int num, unsigned char *param, 92 const unsigned char *from, int flen, int num,
75 int plen) 93 const unsigned char *param, int plen)
76 {
77 int i, dblen, mlen = -1;
78 unsigned char *maskeddb;
79 int lzero;
80 unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
81
82 if (--num < 2 * SHA_DIGEST_LENGTH + 1)
83 goto decoding_err;
84
85 lzero = num - flen;
86 if (lzero < 0)
87 goto decoding_err;
88 maskeddb = from - lzero + SHA_DIGEST_LENGTH;
89
90 dblen = num - SHA_DIGEST_LENGTH;
91 db = OPENSSL_malloc(dblen);
92 if (db == NULL)
93 { 94 {
94 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); 95 int i, dblen, mlen = -1;
95 return (-1); 96 const unsigned char *maskeddb;
96 } 97 int lzero;
98 unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
99 int bad = 0;
100
101 if (--num < 2 * SHA_DIGEST_LENGTH + 1)
102 /* 'num' is the length of the modulus, i.e. does not depend on the
103 * particular ciphertext. */
104 goto decoding_err;
105
106 lzero = num - flen;
107 if (lzero < 0)
108 {
109 /* lzero == -1 */
110
111 /* signalling this error immediately after detection might allow
112 * for side-channel attacks (e.g. timing if 'plen' is huge
113 * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal
114 * Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001),
115 * so we use a 'bad' flag */
116 bad = 1;
117 lzero = 0;
118 }
119 maskeddb = from - lzero + SHA_DIGEST_LENGTH;
120
121 dblen = num - SHA_DIGEST_LENGTH;
122 db = OPENSSL_malloc(dblen);
123 if (db == NULL)
124 {
125 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
126 return -1;
127 }
97 128
98 MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); 129 MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
99 for (i = lzero; i < SHA_DIGEST_LENGTH; i++) 130 for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
100 seed[i] ^= from[i - lzero]; 131 seed[i] ^= from[i - lzero];
101 132
102 MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); 133 MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
103 for (i = 0; i < dblen; i++) 134 for (i = 0; i < dblen; i++)
104 db[i] ^= maskeddb[i]; 135 db[i] ^= maskeddb[i];
105 136
106 SHA1(param, plen, phash); 137 EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
107 138
108 if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0) 139 if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
109 goto decoding_err; 140 goto decoding_err;
110 else
111 {
112 for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
113 if (db[i] != 0x00)
114 break;
115 if (db[i] != 0x01 || i++ >= dblen)
116 goto decoding_err;
117 else 141 else
118 {
119 mlen = dblen - i;
120 if (tlen < mlen)
121 { 142 {
122 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); 143 for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
123 mlen = -1; 144 if (db[i] != 0x00)
145 break;
146 if (db[i] != 0x01 || i++ >= dblen)
147 goto decoding_err;
148 else
149 {
150 /* everything looks OK */
151
152 mlen = dblen - i;
153 if (tlen < mlen)
154 {
155 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE);
156 mlen = -1;
157 }
158 else
159 memcpy(to, db + i, mlen);
160 }
124 } 161 }
125 else 162 OPENSSL_free(db);
126 memcpy(to, db + i, mlen); 163 return mlen;
127 }
128 }
129 OPENSSL_free(db);
130 return (mlen);
131 164
132decoding_err: 165decoding_err:
133 /* to avoid chosen ciphertext attacks, the error message should not reveal 166 /* to avoid chosen ciphertext attacks, the error message should not reveal
134 * which kind of decoding error happened */ 167 * which kind of decoding error happened */
135 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); 168 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
136 if (db != NULL) OPENSSL_free(db); 169 if (db != NULL) OPENSSL_free(db);
137 return -1; 170 return -1;
138 } 171 }
139 172
140int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen) 173int MGF1(unsigned char *mask, long len,
141 { 174 const unsigned char *seed, long seedlen)
142 long i, outlen = 0;
143 unsigned char cnt[4];
144 SHA_CTX c;
145 unsigned char md[SHA_DIGEST_LENGTH];
146
147 for (i = 0; outlen < len; i++)
148 { 175 {
149 cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255, 176 long i, outlen = 0;
150 cnt[2] = (i >> 8) & 255, cnt[3] = i & 255; 177 unsigned char cnt[4];
151 SHA1_Init(&c); 178 EVP_MD_CTX c;
152 SHA1_Update(&c, seed, seedlen); 179 unsigned char md[SHA_DIGEST_LENGTH];
153 SHA1_Update(&c, cnt, 4); 180
154 if (outlen + SHA_DIGEST_LENGTH <= len) 181 EVP_MD_CTX_init(&c);
155 { 182 for (i = 0; outlen < len; i++)
156 SHA1_Final(mask + outlen, &c); 183 {
157 outlen += SHA_DIGEST_LENGTH; 184 cnt[0] = (unsigned char)((i >> 24) & 255);
158 } 185 cnt[1] = (unsigned char)((i >> 16) & 255);
159 else 186 cnt[2] = (unsigned char)((i >> 8)) & 255;
160 { 187 cnt[3] = (unsigned char)(i & 255);
161 SHA1_Final(md, &c); 188 EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
162 memcpy(mask + outlen, md, len - outlen); 189 EVP_DigestUpdate(&c, seed, seedlen);
163 outlen = len; 190 EVP_DigestUpdate(&c, cnt, 4);
164 } 191 if (outlen + SHA_DIGEST_LENGTH <= len)
192 {
193 EVP_DigestFinal_ex(&c, mask + outlen, NULL);
194 outlen += SHA_DIGEST_LENGTH;
195 }
196 else
197 {
198 EVP_DigestFinal_ex(&c, md, NULL);
199 memcpy(mask + outlen, md, len - outlen);
200 outlen = len;
201 }
202 }
203 EVP_MD_CTX_cleanup(&c);
204 return 0;
165 } 205 }
166 return (0);
167 }
168#endif 206#endif
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c
index 48a32bc264..c1edd6764f 100644
--- a/src/lib/libcrypto/rsa/rsa_pk1.c
+++ b/src/lib/libcrypto/rsa/rsa_pk1.c
@@ -63,7 +63,7 @@
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, 65int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
66 unsigned char *from, int flen) 66 const unsigned char *from, int flen)
67 { 67 {
68 int j; 68 int j;
69 unsigned char *p; 69 unsigned char *p;
@@ -89,10 +89,10 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
89 } 89 }
90 90
91int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, 91int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
92 unsigned char *from, int flen, int num) 92 const unsigned char *from, int flen, int num)
93 { 93 {
94 int i,j; 94 int i,j;
95 unsigned char *p; 95 const unsigned char *p;
96 96
97 p=from; 97 p=from;
98 if ((num != (flen+1)) || (*(p++) != 01)) 98 if ((num != (flen+1)) || (*(p++) != 01))
@@ -141,7 +141,7 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
141 } 141 }
142 142
143int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, 143int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
144 unsigned char *from, int flen) 144 const unsigned char *from, int flen)
145 { 145 {
146 int i,j; 146 int i,j;
147 unsigned char *p; 147 unsigned char *p;
@@ -179,10 +179,10 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
179 } 179 }
180 180
181int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, 181int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
182 unsigned char *from, int flen, int num) 182 const unsigned char *from, int flen, int num)
183 { 183 {
184 int i,j; 184 int i,j;
185 unsigned char *p; 185 const unsigned char *p;
186 186
187 p=from; 187 p=from;
188 if ((num != (flen+1)) || (*(p++) != 02)) 188 if ((num != (flen+1)) || (*(p++) != 02))
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
index c77f4381ff..85adacc08f 100644
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ b/src/lib/libcrypto/rsa/rsa_saos.c
@@ -63,8 +63,9 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65 65
66int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, 66int RSA_sign_ASN1_OCTET_STRING(int type,
67 unsigned char *sigret, unsigned int *siglen, RSA *rsa) 67 const unsigned char *m, unsigned int m_len,
68 unsigned char *sigret, unsigned int *siglen, RSA *rsa)
68 { 69 {
69 ASN1_OCTET_STRING sig; 70 ASN1_OCTET_STRING sig;
70 int i,j,ret=1; 71 int i,j,ret=1;
@@ -72,7 +73,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
72 73
73 sig.type=V_ASN1_OCTET_STRING; 74 sig.type=V_ASN1_OCTET_STRING;
74 sig.length=m_len; 75 sig.length=m_len;
75 sig.data=m; 76 sig.data=(unsigned char *)m;
76 77
77 i=i2d_ASN1_OCTET_STRING(&sig,NULL); 78 i=i2d_ASN1_OCTET_STRING(&sig,NULL);
78 j=RSA_size(rsa); 79 j=RSA_size(rsa);
@@ -100,9 +101,10 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
100 return(ret); 101 return(ret);
101 } 102 }
102 103
103int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, 104int RSA_verify_ASN1_OCTET_STRING(int dtype,
104 unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, 105 const unsigned char *m,
105 RSA *rsa) 106 unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
107 RSA *rsa)
106 { 108 {
107 int i,ret=0; 109 int i,ret=0;
108 unsigned char *p,*s; 110 unsigned char *p,*s;
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index cf00876292..2a440901de 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -67,16 +67,18 @@
67/* Size of an SSL signature: MD5+SHA1 */ 67/* Size of an SSL signature: MD5+SHA1 */
68#define SSL_SIG_LENGTH 36 68#define SSL_SIG_LENGTH 36
69 69
70int RSA_sign(int type, unsigned char *m, unsigned int m_len, 70int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
71 unsigned char *sigret, unsigned int *siglen, RSA *rsa) 71 unsigned char *sigret, unsigned int *siglen, RSA *rsa)
72 { 72 {
73 X509_SIG sig; 73 X509_SIG sig;
74 ASN1_TYPE parameter; 74 ASN1_TYPE parameter;
75 int i,j,ret=1; 75 int i,j,ret=1;
76 unsigned char *p,*s = NULL; 76 unsigned char *p, *tmps = NULL;
77 const unsigned char *s = NULL;
77 X509_ALGOR algor; 78 X509_ALGOR algor;
78 ASN1_OCTET_STRING digest; 79 ASN1_OCTET_STRING digest;
79 if(rsa->flags & RSA_FLAG_SIGN_VER) 80 if((rsa->flags & RSA_FLAG_SIGN_VER)
81 && ENGINE_get_RSA(rsa->engine)->rsa_sign)
80 return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, 82 return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
81 m, m_len, sigret, siglen, rsa); 83 m, m_len, sigret, siglen, rsa);
82 /* Special case: SSL signature, just check the length */ 84 /* Special case: SSL signature, just check the length */
@@ -105,7 +107,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len,
105 sig.algor->parameter= &parameter; 107 sig.algor->parameter= &parameter;
106 108
107 sig.digest= &digest; 109 sig.digest= &digest;
108 sig.digest->data=m; 110 sig.digest->data=(unsigned char *)m; /* TMP UGLY CAST */
109 sig.digest->length=m_len; 111 sig.digest->length=m_len;
110 112
111 i=i2d_X509_SIG(&sig,NULL); 113 i=i2d_X509_SIG(&sig,NULL);
@@ -117,14 +119,15 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len,
117 return(0); 119 return(0);
118 } 120 }
119 if(type != NID_md5_sha1) { 121 if(type != NID_md5_sha1) {
120 s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); 122 tmps=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
121 if (s == NULL) 123 if (tmps == NULL)
122 { 124 {
123 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); 125 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
124 return(0); 126 return(0);
125 } 127 }
126 p=s; 128 p=tmps;
127 i2d_X509_SIG(&sig,&p); 129 i2d_X509_SIG(&sig,&p);
130 s=tmps;
128 } 131 }
129 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); 132 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
130 if (i <= 0) 133 if (i <= 0)
@@ -133,13 +136,13 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len,
133 *siglen=i; 136 *siglen=i;
134 137
135 if(type != NID_md5_sha1) { 138 if(type != NID_md5_sha1) {
136 memset(s,0,(unsigned int)j+1); 139 memset(tmps,0,(unsigned int)j+1);
137 OPENSSL_free(s); 140 OPENSSL_free(tmps);
138 } 141 }
139 return(ret); 142 return(ret);
140 } 143 }
141 144
142int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, 145int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
143 unsigned char *sigbuf, unsigned int siglen, RSA *rsa) 146 unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
144 { 147 {
145 int i,ret=0,sigtype; 148 int i,ret=0,sigtype;
@@ -152,7 +155,8 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
152 return(0); 155 return(0);
153 } 156 }
154 157
155 if(rsa->flags & RSA_FLAG_SIGN_VER) 158 if((rsa->flags & RSA_FLAG_SIGN_VER)
159 && ENGINE_get_RSA(rsa->engine)->rsa_verify)
156 return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, 160 return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
157 m, m_len, sigbuf, siglen, rsa); 161 m, m_len, sigbuf, siglen, rsa);
158 162
@@ -196,9 +200,9 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
196 (sigtype == NID_md2WithRSAEncryption))) 200 (sigtype == NID_md2WithRSAEncryption)))
197 { 201 {
198 /* ok, we will let it through */ 202 /* ok, we will let it through */
199 #if !defined(NO_STDIO) && !defined(WIN16) 203#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
200 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); 204 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
201 #endif 205#endif
202 } 206 }
203 else 207 else
204 { 208 {
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c
index 482f4a8273..ea72629494 100644
--- a/src/lib/libcrypto/rsa/rsa_ssl.c
+++ b/src/lib/libcrypto/rsa/rsa_ssl.c
@@ -62,8 +62,8 @@
62#include <openssl/rsa.h> 62#include <openssl/rsa.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, 65int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
66 int flen) 66 const unsigned char *from, int flen)
67 { 67 {
68 int i,j; 68 int i,j;
69 unsigned char *p; 69 unsigned char *p;
@@ -102,11 +102,11 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
102 return(1); 102 return(1);
103 } 103 }
104 104
105int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from, 105int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
106 int flen, int num) 106 const unsigned char *from, int flen, int num)
107 { 107 {
108 int i,j,k; 108 int i,j,k;
109 unsigned char *p; 109 const unsigned char *p;
110 110
111 p=from; 111 p=from;
112 if (flen < 10) 112 if (flen < 10)
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c
index e5ae0c1f69..b8b462d33b 100644
--- a/src/lib/libcrypto/rsa/rsa_test.c
+++ b/src/lib/libcrypto/rsa/rsa_test.c
@@ -3,12 +3,12 @@
3#include <stdio.h> 3#include <stdio.h>
4#include <string.h> 4#include <string.h>
5 5
6#include "openssl/e_os.h" 6#include "e_os.h"
7 7
8#include <openssl/crypto.h> 8#include <openssl/crypto.h>
9#include <openssl/err.h> 9#include <openssl/err.h>
10#include <openssl/rand.h> 10#include <openssl/rand.h>
11#ifdef NO_RSA 11#ifdef OPENSSL_NO_RSA
12int main(int argc, char *argv[]) 12int main(int argc, char *argv[])
13{ 13{
14 printf("No RSA support\n"); 14 printf("No RSA support\n");
@@ -16,6 +16,7 @@ int main(int argc, char *argv[])
16} 16}
17#else 17#else
18#include <openssl/rsa.h> 18#include <openssl/rsa.h>
19#include <openssl/engine.h>
19 20
20#define SetKey \ 21#define SetKey \
21 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ 22 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
@@ -219,10 +220,12 @@ int main(int argc, char *argv[])
219 int clen = 0; 220 int clen = 0;
220 int num; 221 int num;
221 222
223 CRYPTO_malloc_debug_init();
224 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
225 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
226
222 RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */ 227 RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
223 228
224 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
225
226 plen = sizeof(ptext_ex) - 1; 229 plen = sizeof(ptext_ex) - 1;
227 230
228 for (v = 0; v < 3; v++) 231 for (v = 0; v < 3; v++)
@@ -305,9 +308,10 @@ int main(int argc, char *argv[])
305 RSA_free(key); 308 RSA_free(key);
306 } 309 }
307 310
311 CRYPTO_cleanup_all_ex_data();
308 ERR_remove_state(0); 312 ERR_remove_state(0);
309 313
310 CRYPTO_mem_leaks_fp(stdout); 314 CRYPTO_mem_leaks_fp(stderr);
311 315
312 return err; 316 return err;
313 } 317 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-09 11:50:47 +0000